How to set virtual IPs on startup (and a super bonus question!)

diggs · 06-23-2008, 11:17 PM

Good day!

These questions pertain to FC7.

I would like to set the following IPs on my computer whilst it starts up:
192.168.11.105
192.168.1.105
Currently I just type in
ifconfig eth2:0 192.168.11.105
ifconfig eht2:1 192.168.1.105

Also I cannot connect to the internets or the google with said server. I can SSH and RDP into it(with thinstuff) but that is it. I cannot ping yahoo or resolve any names but /etc/resolv.conf is hunky dory. The NIC for that interface is eth1.

Thanks!

billymayday · 06-23-2008, 11:22 PM

Create /etc/sysconfig/network-scripts/ifcfg-eth2:0 with the relevant details in it (copy ifcfg-eth2 as a guide)

Have you checked your firewall settings (iptables -L)

Edit can you ping out to IP rather than name? You may need to let traffic out on port 53

diggs · 06-23-2008, 11:37 PM

Here's what I have in the ultra ghetto fire wall script for DNS

#this is to allow DNS to work.
iptables -A OUTPUT -p udp -o eth0 --dport 53 --sport 1024:65535 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --sport 53 --dport 1024:65535 -j ACCEPT

Eth0 connects me to the outside.

Oh, is there a way to let me ping the internal network, 192.168.x.x whilst preventing pinging from the outside? Internal is on eth2 external is on eth0. Here is what I have for the pinging:

#iptables -A OUTPUT -m state -p icmp --state INVALID -j DROP
#iptables -A INPUT -p icmp -m icmp --icmp-type echo-request -j REJECT
#iptables -A OUTPUT -p icmp -m icmp --icmp-type echo-reply -j REJECT
#iptables -A INPUT -p icmp -j REJECT
#iptables -A OUTPUT -p icmp -j REJECT

billymayday · 06-23-2008, 11:50 PM

Quote:

Oh, is there a way to let me ping the internal network, 192.168.x.x whilst preventing pinging from the outside?

Yes, but your rules are for both

Can you connect to you DNS with telnet (telnet DNS_IP:53)

Can you post your /etc/resolv.conf please

Test DNS with dig in preference to ping as well

diggs · 06-24-2008, 12:03 AM

resolv.conf:
nameserver 204.174.64.1
nameserver 204.174.65.1

cannot telnet to either dns
no luck with dig either

billymayday · 06-24-2008, 12:11 AM

I'd try

Code:

iptables -A OUTPUT -p udp -o eth0 --dport 53 -j ACCEPT
iptables -A INPUT -p udp -i eth0 --sport 53 -j ACCEPT

At least as a test

diggs · 06-24-2008, 12:19 AM

hmm, even after flushing iptables I still cannot resolve...

Oh, the virtual IP stuff worked, thanks!

billymayday · 06-24-2008, 12:31 AM

what does "route" give?

diggs · 06-24-2008, 12:39 AM

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 eth2
192.168.11.0 * 255.255.255.0 U 0 0 0 eth2
192.168.10.0 * 255.255.255.0 U 0 0 0 eth2
2xx.xx.1x9.0 * 255.255.255.0 U 0 0 0 eth0
169.254.0.0 * 255.255.0.0 U 0 0 0 eth2

default 192.168.10.1 0.0.0.0 UG 0 0 0 eth2

billymayday · 06-24-2008, 02:10 AM

I won't claim to be a routing expert, but that doesn't look right to me. I'd assume the the second line should be eth2:0 for example, and your default gateway eth0. Did you set these routes?

Edit - does f7 have system-config-network on it?

rossonieri#1 · 06-25-2008, 02:04 PM

hi diggs,

have you enabled NAT for your eth0 network?